Press Releases

Posted on March 23, 2016

WASHINGTON, March 23 – Republican committee leaders in the Senate and House today asked the administration for information about the 316 security breaches on HealthCare.gov catalogued in a new report released by the nonpartisan government watchdog, the Government Accountability Office (GAO).

The Senate and House members sent a letter to Health and Human Services Secretary Sylvia Burwell and Centers for Medicare & Medicaid Services Acting Administrator Andy Slavitt seeking information about the report finding that between October 2013 to March 2015, HealthCare.gov had 316 security incidents, including 41 which involved personally identifiable information.

They wrote: “In order to assist us in fulfilling our oversight responsibilities, ‎please send us a list and description of every security incident involving HealthCare.gov since October 2013, including how many individuals’ records were compromised, whether the incident involved personally identifiable information, and whether the affected individuals were notified. Please also send the HHS Breach Response Team’s charter and Standard Operating Procedures, its annual reports since 2013, the CMS breach response plan, and the after-action reports for each security incident.

“If HHS did not inform affected individuals, we urge you to change that policy immediately.”

The leaders, who had previously requested information from the administration about the website’s security, told Secretary Burwell they were concerned that they had not earlier been informed of the security breaches.